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IN THE CLAIMS: ' . 

1. (currently amended) A method for communicating data between an external 
computing system and an internal computing system over a packet-based network, 
wherein data is transmitted and received in the form of a plurality of packets, the method 
comprising the steps of: 

receiving a commu ni ca ti o n packet from the external computing system over the 
network, the packet having at least a jfirst portion and an end portion, and transmitting the 
packet to the internal computing system; 

in parallel with the step of receiving and transmittmg the packet, determining 
characteristics of the packet from the first portion; 

in parallel with the step of receiving and transmitting the packet, perfonning a 
plurality of checks on the packet, wherein at least certain of the plurality of checks are 
performing in parallel with other of the plurality of checks; 

in parallel with the step of receiving and transmitting the packet, determining if the 
packet should be a valid packet or an invalid packet based on the plurality of checks; and 

after receiving the end portion of the packet, selectively altering the end portion of 
the packet based on whether the packet has been determined to be a valid packet or an 
invalid packet, wherein the packet is selectively altered to be invalid if it was determined 
that the packet should be an invalid packet. 

2. (original) The method of claim 1, wherein the packet is analyzed in real time to 
determine if the packet should be valid or invalid while the packet is being concurrently 
transmitted to the internal computing system. 

3. (original) The method of claim 1, wherein the packet is analyzed to determine 
if the packet is valid without the packet having been completely received and buffered. 

4. (original) The method of claim 1, wherem the packet is determined to be an 
invalid packet if it is determmed that the packet contains a virus, is unauthorized or 
presents a risk of harm to the internal computing system. 

5. (original) The method of claim 1, wherein the plurality of checks are at least in 
part selectively performed based on a state of a physical switch. 
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6. (origmal) The method of claim 5, wherein the physical switch compriises one or 
more user-controlled switches, wherein the plurality of checks are selectively performed - 
based on a user-defined state of the one or more user-controlled switches. 

7. (original) The method of claim 6, wherein the one or more user-controlled 
switches comprise at least one user-controlled switch that controls a configuration or 
reconfiguration of a circuit that performs the plurality of checks. 

8. (original) The method of claim 7, wherein the configuration or reconfiguration 
of the circuit that performs the plurality of checks is performed without requiring user 
entry of configuration commands via software running on the internal computing system. 

9. (original) The method ofclaim 7, wherein the circuit that performs the plurality 
of checks is configured or reconfigured based on commands firom the internal computing 
system and based on a state of the at least one user-controlled switch. 

10. (original) The method of claim 5, wherein at least a subset of the plurality of 
checks are selectively enabled or disabled based on the user-defined state of the user- 
controlled switches. 

11. (original) The method of claim 1, wherein the plurality of checks are 
performed with a programmable logic device, wherein logic within the programmable 
logic device is selectively programmed to perform the plurality of checks in parallel with 
the receiving and transmittmg of the packet. 

12. (original) The method of claim 1 1, wherein a first physical interface circuit 
receives the packet firom the network, wherein the packet is coupled to the programmable 
logic device, wherein the packet is coupled fi-om the programmable logic device to a 
second physical interface circuit for transmission to the internal computing system. 

13. (original) The method of claim 12, wherein the programmable logic device 
performs the plurality of checks while the packet is being coupled fi-om the first physical 
interface to the second physical interfece. 

14. (original) The method of claim 1, wherein the plurality of checks are 
selectively performed based on a commimication state between the external computmg 
system and the internal computing system. 
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15. (original) The method of claim 14, wherein the communication state 
comprises one or more network addresses and/or one or more port numbers. 

16. (original) The method of claim 16, wherein the network address comprises an 
IP address for the external computmg system and/or the internal computing system. 

17. (original) The method of claim 1, further comprising the step of providing 
visual or audio feedback with one or more visual or audio feedback devices, wherein the 
one or more visual or audio feedback devices selectively provide visual or audio feedback 
of the operation or status of a packet filter process. 

18. (original) The method of claim 17, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback that a system performing the packet 
filter process is powered or operational. 

19. (original) The method of claim 18, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback that the system performing the packet 
filter process is subjecting a packet to filtering criteria, 

20. (original) The method of claim 18, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback that the system performing the packet 
filter process has rejected one or more packets. 

21. (original) The method of claim 17, wherehi the one or more visual or audio 
feedback devices provide visual or audio feedback that the internal computing system is 
suspected to be under attack, 

22. (original) The method of claim 21, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback of an estimated severity of the attack. 

23. (original) The method of claim 18, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback of a state of the system performmg the 
packet filter process until the one or more visual or audio feedback devices are reset by a 
user. 

24. (original) The method of claim 23, wherein the one or more visual or audio 
feedback devices are reset by the state of a physical switch. 

25. (original) The method of claim 18, wherein the one or more visual or audio 
feedback devices comprise at least one light source, wherein the light source is selectively 
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controlled to provide information indicative of ths operation or status of the system 
performing the packet filter process. 

26. (original) The method of claim 25, wherein the light source is controlled to 
have a first color or a second color depending on the operation or status of the system 
performing the packet filter process. 

27. (original) The method of claim 25, wherein the light source is controlled to 
selectively blinlc depending on the operation or status of the system perfoniiing the packet 
filter process. 

28. (original) The method of cl^ 27, wherein the light source is controlled to 
selectively blink at a rate that is indicative of a severity level of a suspected attack on the 
internal computing system, 

29. (original) The method of claim 25, wherein the at least one light source 
comprises an LED. 

30. (original) The method of claim 17, wherein the one or more visual or audio 
feedback devices comprise a speaker. 

3 1 . (currently amended) A system for filtering packets of data between at least an 
external network and an internal network, wherein data is transmitted and received in the 
form of a plurality of packets, comprising: 

a first interface circuit for coupling data packets to and firom the external network; 
a second interface circuit for coupling data packets t o and firom the internal 
network; 

a programmable logic device coupled between the first interface circuit and the 
second interface circuit; 

wherein, as a packet is being received and transmitted between the first and second 
interface circuits, the packet is simultaneously subjected to a plurality of filtering criteria 
by the programmable logic device, wherein an end portion of the packet is selectively 
altered by the programmable logic device based on the filtering criteria. 

32. (original) The system of claim 31, wherein the filtering criteria determine 
whether the packet is to be a valid packet or an invalid packet, wherein the packet is 
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selectively altered to be invalid if it was detennined that the packet should be an invalid 
packet. 

33. (original) The system of claim 31, wherein the programmable logic circuit 
includes at least first logic for determining characteristics of the packet being received and 
transmitted between the first and second interface circuits and at least a filter portion that 
subjects the packet to the plurality of filtering criteria while the packet is being received 
and transmitted between the first and second interface circuits. 

34. (original) The system of claim 33^ wherein the filter portion includes at least a 
statefiil filter portion and a non-stateful filter portion. 

35. (original) The system of claim 34, wherein the statefiil filter portion subjects 
the packet to one or more statefiil filtering criterion and the non-statefiil filter portion 
subjects the packet to one or more non-stateflil filtering criterion. 

36. (original) The system ofclaim 34, wherein the statefiil filter portion subjects 
the packet to one or more statefiil filtering criterion while the non-stateflil fiher portion 
subjects the packet to one or more non-statefiil filtering criterion. 

37. (original) The system of claim 34, wherein a result aggregator logic receives 
one or more signals from the statefiil filter portion and the non-statefiil filter portion, 
wherein based on the received signals the result aggregator logic controls whether the 
packet is selectively altered to be invalid. 

38. (original) The system of claim 37, wherein the result aggregator logic 
receives a completion signal that indicates whether the statefiil and^or non-statefiil filter 
portions have subjected the packet to all of the filtering criteria. 

39. (original) The system of claim 38, wherein, if the completion signal is not 
received by the result aggregator logic by a time when the end portion of the packet has 
been received, then the packet is selectively altered by the programmable logic device to 
be invahd. 

40. (original) The system of claim 31, wherein the packet is subjected to the 
plurality of filtering criteria in parallel with the packet being received and transmitted 
between the first and second interface circuits, wherein a decision is made whether to 
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selectively alter the packet to be invalid by a time when tlie end portion of the packet has 
been received. 

41. (original) The system of claim 31, wherein the packet is subjected to the 
plurality of filtering criteria in real time witli the packet being received and transmitted 
between the first and second interface circuits. 

42. (original) The system of claim 31, fiirther comprising one or more physical 
switches, wherein the packet is selectively subjected to the filtering criteria based on die 
state of the one or more physical switches. 

43 . (original) The system of claim 42, wherein the state of the one or more 
physical switches selectively enable or disable a predetermined portion of the filtering 
criteria. 

44. (original) The system of claim 42, wherein the state of the one or more 
physical switches selectively enable or disable a predetermined portion of the filtering 
criteria based on whether a computer coupled to the internal network is controlled to 
operate in a client mode or a sever mode. 

45. (original) The system of claim 42, wherein the state of the one or more 
physical switches selectively controls a configuration or reconfiguration operation of the 
programmable logic device. 

46. (original) The system of claim 42, wherein the state of the one or more 
physical switches selectively controls a reset operation of the programmable logic device. 

47. (original) The system of claim 31, fiirther comprising one or more visual or 
audio feedback devices, wherein the one or more visual or audio feedback devices 
selectively provide visual or audio feedback of the operation or status of the system. 



48, (original) The system of claim 47, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback that the system is powered or 
operational. 
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49. (original) The system of claim 47, -wherein the one or more visual or audio 
feedback devices provide visual or audio feedback tliat the system is subjecting a packet to 
the filtering criteria. 

50. (original) The system of claim 47, wherein the one ormore visual or audio 
feedback devices provide visual or audio feedback that the system has rejected one or 
more packets. 

51. (original) The system of claim 47, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback that a computer coupled to the internal 
network is suspected to be under attack. 

52. (original) The system of claim 51, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback of an estimated severity of the attack. 

53. (original) The system of claim 47, wherein the one or more visual or audio 
feedback devices provide visual or audio feedback of a state of the system until the one or 
more visual or audio feedback devices are reset by a user. 

54. (original) The system of claim 53, wherein the one or more visual or audio 
feedback devices are reset by the state of a physical switch. 

55. (original) The system of claim 47, wherein the one or more visual or audio 
feedback devices comprise at least one light source, wherein the light source is selectively 
controlled to provide information indicative of the operation or status of the system. 

56. (original) The system of cWm 55, wherein the light source is controlled to 
have a first color or a second color depending on the operation or status of the system. 

57. (original) Thesystemofclaim55, wherein the light source is controlled to 
selectively blink depending on the operation or status of the system. 

58. (original) The system of claim 57, wherein the light source is controlled to 
selectively blink at a rate that is indicative of a severity level of a suspected attack on a 
computer coupled to the internal network. 

59. (original) The system of claim 55, wherein the at least one light source 
comprises an LED . 

60. (original) The system of claim 47, wherein the one or more visual or audio 
feedback devices comprise a speaker. 
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61. (original) T he system of claim 36, wherein the stateflil filtering criteria are 
dependent upon physical switch position, packet characteristics, clock time and/or user- 
specified criteria. 

62. (original) The system of claim 61, wherein the user-specified criteria are 
entered via a physical input device. 

63. (original) The system of claim 62, wherein the physical input device 
comprises one or more switches, an audio input device, or display input device. 

64. (original) The system of claim 61, wherein the user specified criteria are 
entered via a configuration software. 

65. (original) The system of claim 64, wherein the user specified criteria are 
transferred from the configuration software to the system using a network protocol, 
infi'ared port or cable attachment. 

66. (original) The system of claim 63, wherem the one or more switches comprise a 
toggle switch, button switch or multi-state switch. 
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